Known Vulnerabilities for products from Lightcms Project
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Lightcms Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-29934 json | A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execu... | Not Provided | 2026-03-26 | 2026-05-10 |
| CVE-2024-22559 json | 5.4 - MEDIUM | 2024-01-29 | 2024-02-02 | |
| CVE-2023-27060 json | LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function. | 9.8 - CRITICAL | 2023-03-22 | 2023-03-28 |
| CVE-2022-33009 json | A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HT... | 4.8 - MEDIUM | 2022-06-27 | 2022-07-06 |
| CVE-2021-27112 json | LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during th... | 9.8 - CRITICAL | 2021-04-15 | 2021-04-19 |
| CVE-2021-3355 json | A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title fi... | 5.4 - MEDIUM | 2021-02-24 | 2021-03-04 |